<?php

include_once("core/user.php");

/**
 * Session
 * 
 * Class describing a Session
 *
 * @copyright inovia
 * @package oolime_core   
 */
class Session {

  public  $user;
  public  $modelUser;
  private $response;
  private $exists;
  private $logs;
  
  /**
   * Constructor 
   * @param DataBase $dataBase
   * @param array $kvTed
   * @todo Error cases
   */
  public function __construct(){
    global $database;
    global $user;
    global $response;
    global $logs;
    $sessOk         = session_start();
    $this->user     = &$user;
    $this->response = &$response;
    $this->logs = &$logs;
  }
  
  /**
   *  checks the session
   */      
  public function isOk(){
    if(isset($_SESSION["login"]) && isset($_SESSION["password"])){
      return true;
    }else{
      return false;
    }
  }
  
  /**
   *  checks the scookie
   */      
  public function isCookieOk(){
    global $configCookieName;
    if(isset($_COOKIE[$configCookieName]) && isset($_COOKIE[$configCookieName]["login"]) && isset($_COOKIE[$configCookieName]["password"]))
    {
      return true;
    }else{
      return false;
    }
  }
  
  /*
   * Initialize a session
   * 
   * @param string username
   * @param string user password      
   */
  public function init($puser,$ppassword,$cookie=false){
    global $configCookieLimit;
    global $configCookieName;
    if($puser!='' && $ppassword!=''){
      if(!eregi("[a-zA-Z0-9_-]{1,32}$",$puser) || !eregi("[a-zA-Z0-9_-]{1,32}$",$ppassword)){
        $request = "";
        foreach($_REQUEST as $key => $value){
          $request .= "&".$key."=".$value;
        }
        $this->logs->logAlert("injection attempt from : remote_addr : ".$_SERVER['REMOTE_ADDR']." user agent : ".$_SERVER['HTTP_USER_AGENT']."query : ".$_SERVER['PHP_SELF']."?".$request);
        return false;
      }
    }
    
    if(isset($puser) && isset($ppassword)){
      if(!isset($_SESSION["lang"])) $_SESSION["lang"]= "EN";
      
      /**
       * Tries a mapped instance
       */         
      $this->user  = new User("r","user",$puser);
      
      //no user 
      if(!$this->user->isOk()){
        $this->user->field->user = "unknown";
        $_SESSION["login"]       = "unknown";
        $_SESSION["password"]    = "";
        $this->response->addDebug("SESSION INIT : NO USER");
        return false;
        
      //if it's not the correct password
      }else if ($ppassword != $this->user->field->password){
          $this->user->field->user = "unknown";
          $_SESSION["login"]       = "unknown";
          $_SESSION["password"]    = "";
          $this->response->addDebug("SESSION INIT : NO USER BECAUSE WRONG PASSWORD");
          return false;
      }else{
        /**
         * User login and password couple is correct
         * The User instance is created
         */          
        $_SESSION["login"]     = $puser;
        $_SESSION["password"]  = $ppassword;
        if($cookie){
          setcookie($configCookieName."['login']", $puser, time()+$configCookieLimit);  
          setcookie($configCookieName."['password']", $ppassword, time()+$configCookieLimit);  
        }
        $this->exists = true;
        
        $this->response->addDebug("SESSION INIT : USER GRANTED --- user : ".$this->user->field->user);
        return true;
      }
    }else{
      $this->exists = false;
      return false;
    }
  }
  
  /**
   * Adds a key/value to the session
   * @param string the parameter name : must not be login or password
   * @param string the value     
   * @return bool true if succeed false else    
   */     
  public function addToSession($name,$value){
    if($this->isOk() && $name!='login' && $name!='password'){
      $_SESSION[$name] = $value;
      return true;
    }else{
      return false;
    }
  }
    
  /**
   * Adds a key/value to the cookie
   * @param string the parameter name : must not be login or password
   * @param string the value      
   * @return bool true if succeed false else    
   */ 
  public function addToCookie($name,$value){
    global $configCookieLimit;
    global $configCookieName;
    if($name!='login' && $name!='password'){
      setcookie($configCookieName."['".$name."']", $value, time()+$configCookieLimit);  
      return true;
    }else{
      return false;
    }
  }
  
  /**
   *  Retrieves a entry from the session
   *  @param string the entry's name
   *  @return mixed : the value if succeed, null else
   */     
  public function getFromSession($name){
    if(isset($_SESSION[$name])){
      return $_SESSION[$name];
    }else{
      return null;
    }
  }
  
  /**
   *  Retrieves a entry from the coookie
   *  @param string the entry's name
   *  @return mixed : the value if succeed, null else
   */     
  public function getFromCookie($name){
    global $configCookieName;
    if(isset($_COOKIE[$configCookieName]) && isset($_COOKIE[$configCookieName][$name])){
      return $_COOKIE[$configCookieName][$name];
    }else{
      return null;
    }
  }
    
}

?>
